IE20140024A1 - Web application protection system with transaction signing using near field communication (NFC) capable devices
- Publication number
- IE20140024A1
- Authority
- IE
- Ireland
- Prior art keywords
- web
- transaction
- application
- user
- near field
Abstract
The present invention relates to web application security in preventing fraudulent activity. In particular, the invention provides a way to positively authenticate the web application or web site user who is trying to access resources on a web application or web server, using a Near Field Communication (NFC) capable device. The advantage of the system is that it provides noninvasive, pluggable-module-based authentication of the user through a second device for existing web applications or web sites, with or without changes to the current environment, based on customer requirements. The method not only provides a high level of security but also eliminates false positives, which are expensive and time-consuming for organizations.
Description
Web application Protection System with Transaction Signing using Near Field Communication (NFC) capable devices.
Field of Invention
The present invention relates to web application security in World Wide Web based applications and in hand held and mobile devices.
Background to the invention
World Wide Web (WWW) based applications, which work over the internet, provide a wide range of functionality and facilities to users all over the world. The nature of the internet allows any user with a suitable application, such as a web browser, to access applications that deliver useful functionality such as email, online banking, information storage and retrieval, and content delivery, to name a few. However, this same open nature of the internet has also created opportunities for hackers, fraudsters and other types of criminals, who take advantage of the open nature of internet based applications. The invention provides a method to add an additional layer of security to positively identify the end user to the web based internet application, using near field communication devices such as Near Field Communications (NFC) and Bluetooth.
Summary of the invention
The invention provides a means to provide second device based authentication for existing web applications. The invention is composed of a system for improving web based application security by introducing approval based on a second device, such as a mobile device. The invention replaces the complex process of transaction signing with a simple and noninvasive process which is not only more secure but also reliable. The invention also ensures that the mobile device is present at the point of the web transaction service provider system, such as a tablet computer or kiosk.
Description of Embodiment
Brief description of drawings
The invention is described in detail using the drawings provided in the following section. The embodiment includes examples to show a few ways of interfacing and representing the authentication process in detail.
1. Fig. 1 is a schematic representation of the web application and client architecture.
2. Fig. 2 is a schematic representation of the web application and client architecture with second device based authentication.
3. Fig. 3 is a schematic representation of the flow chart of the web page transaction signing request to the second device, like a mobile device, using near field communication.
4. Fig. 4 is a schematic representation of the alternative flow chart of the web page Transaction Signing using a second device, like a mobile device, using near field communication.
5. Fig. 5 is a schematic representation of the alternative flow chart of authorizing the second device, like a mobile device, using near field communication.
The invention is based on current web application access between a client, typically a web browser or another computer system, and a web application that is providing the functionality to the user. Figure 1 shows the typical architecture of the current web application. The client 101 connects to the web application 103 over the internet and requests a resource, such as a log in page, account page etc. The web application 103, hosted at a secure site of the customer's choice, may contain network equipment such as firewalls, routers, application servers, web servers, mail servers, etc. The web application 103, upon receiving the request from client 101, will fetch or generate HTML content and send it to the client via internet 102. In this example anyone with an appropriate browser can access the web page hosted by the web application 103.
The invention is shown in Fig 2 as a high level architecture block diagram. The component or client system, such as a client computer or web browser 201, connects to the web application 204 via internet 202 and the web application security system 203. The mobile device 205 is a registered customer device which is uniquely identified by the server application. The web application security system 203 processes each request and parses the responses from the web application, examining the request data and response content to identify tags inserted by the web application to get authorisation from the mobile device 205. The web application security system 203 also provides a facility for the web application 204, without inserting custom tags, to configure that a request requires authorisation from the mobile device 205.
The sequence diagram shown in Fig 3 describes the flow that begins when the server message 301 for web transaction authentication is initiated by the user. The server starts the process of transaction signing using second device based authentication, 302. The transaction authentication device 303, such as an ATM or Point-Of-Sale device, evaluates the transaction signing request from the server. If transaction signing is required, the transaction authentication device 303 activates the Near Field Communications (NFC) reader 304. The user swipes the mobile device 305 near the NFC reader. The NFC reader 304 transmits the transaction details to the mobile device 305. Then the NFC reader 306 exchanges the transaction details with the mobile device 305. The user accepts the transaction by a preconfigured method, such as entering a PIN code or signing with a finger on the touch screen device, 307. The device sends the signed transaction to the server, 308. The ATM or Point-Of-Sale device 309 sends the transaction to the server. The server 310 receives the transaction confirmation independently from the ATM or Point-Of-Sale device and from the mobile device. If the two match, the transaction is confirmed; otherwise, the transaction is rejected.
The sequence diagram shown in Fig 4 describes the flow that begins when the server message 401 for web transaction authentication is initiated by the user. The server starts the process of transaction signing using second device based authentication, 402. The transaction authentication device 403, such as an ATM or Point-Of-Sale device, evaluates the transaction signing request from the server. If transaction signing is required, the transaction authentication device 403 activates the Near Field Communications (NFC) reader 404. The server 405 sends the transaction information to both the transaction authentication device 406, such as an ATM or Point-Of-Sale device, and the mobile device 407. The user accepts the transaction by a preconfigured method, such as entering a PIN code or signing with a finger on the touch screen device, 407. The device sends the signed transaction to the server, 408. The ATM or Point-Of-Sale device 408 sends the transaction to the server. The server 409 receives the transaction confirmation independently from the ATM or Point-Of-Sale device and from the mobile device. If the two match, the transaction is confirmed; otherwise, the transaction is rejected.
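The matching step that ends the Fig 3 and Fig 4 flows, sketched as an added example (not code from the patent): the patent does not say how the mobile device signs a transaction, so the HMAC-SHA256 tag, the per-device key store `DEVICE_KEYS`, the message field names, and the `sign_on_device` and `Reconciler` names are all assumptions.

```python
import hashlib
import hmac
import json

# Assumption: enrollment (Fig 5) left the server one secret per registered device.
DEVICE_KEYS = {"device-001": b"constructed-demo-key"}  # constructed sample data

def canonical(tx):
    """Deterministic bytes for the transaction details, so reports compare exactly."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()

def sign_on_device(device_id, tx):
    """Hypothetical mobile-side message sent after the user approves the transaction."""
    tag = hmac.new(DEVICE_KEYS[device_id], canonical(tx), hashlib.sha256).hexdigest()
    return {"device_id": device_id, "tx": tx, "tag": tag}

class Reconciler:
    """Server side: confirm only when the terminal and mobile reports agree."""

    def __init__(self):
        self.terminal = {}      # tx_id -> canonical details from the ATM/POS
        self.mobile = {}        # tx_id -> canonical details signed by the device
        self.confirmed = set()  # tx_ids already confirmed, to refuse replays

    def from_terminal(self, tx):
        self.terminal[tx["tx_id"]] = canonical(tx)
        return self._decide(tx["tx_id"])

    def from_mobile(self, msg):
        key = DEVICE_KEYS.get(msg.get("device_id"))
        if key is None:
            return "rejected: unregistered device"
        body = canonical(msg["tx"])
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        # Constant-time comparison of the received tag against the expected one.
        if not hmac.compare_digest(expected, str(msg.get("tag", ""))):
            return "rejected: bad signature"
        self.mobile[msg["tx"]["tx_id"]] = body
        return self._decide(msg["tx"]["tx_id"])

    def _decide(self, tx_id):
        if tx_id in self.confirmed:
            return "rejected: replay"
        if tx_id not in self.terminal or tx_id not in self.mobile:
            return "pending"  # the two reports arrive independently, in either order
        if self.terminal[tx_id] != self.mobile[tx_id]:
            return "rejected: reports differ"
        self.confirmed.add(tx_id)
        return "confirmed"
```

With a shared-secret HMAC the server itself could produce the tag, so an asymmetric signature would be needed if the approval must be attributable to the device alone.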
In the sequence diagram shown in Fig 5, the user installs the application on the mobile device, 501. The user opens the application installed on the mobile device, 501. The application 502 detects that the mobile device is not authenticated and initiates the authentication process. The application 502 instructs the user to authenticate the mobile device using the transaction authentication device, such as an ATM or Point-Of-Sale device. When the user tries to validate the mobile device, the transaction authentication device 503, such as an ATM or Point-Of-Sale device, activates the Near Field Communications (NFC) reader on the transaction authentication device. The transaction authentication device 503 instructs the user to swipe the mobile device near the NFC reader 504. The NFC reader 504 reads the user's mobile device 505 and sends the mobile device identifier to the server 506. The mobile device 505 sends the confirmation token from the NFC reader 504 to the server 506. The server process 507 consolidates the data sent by the NFC reader 504 and the data received from the mobile device 504. The server process 507 sends confirmation to the transaction authentication device 508, such as an ATM or Point-Of-Sale device. The transaction authentication device 508 confirms the mobile device authorization to the mobile device 509. Now the mobile device 509 is ready to accept and authorize web transactions as a valid authentication device.
Claims (7)
1. A system for improving web based application transaction security by introducing second device such as mobile device based approval using Near Field Communications (NFC).
2. The system of claim 1, interfaces in between web based application and the transaction authentication device such as ATM or Point-Of-Sale device, the system will request authorisation from the second user device, such as mobile device.
3. The system of claim 2, examines the request data from the client and forwards to the web application only when the approval comes from the user's second device.
4. The system of claim 1, interfaces in between web based application and the transaction authentication device such as ATM or Point-Of-Sale device, the system will positively authenticate the mobile device.
5. The system of claim 1, interfaces in between web based application and the transaction authentication device such as ATM or Point-Of-Sale device, the system will positively authenticate the application installed on the mobile device.
6. The system of claim 1, interfaces in between web based application and the transaction authentication device such as ATM or Point-Of-Sale device, the system will positively authenticate the transaction from two independent sources.
7. The system of claim 1, interfaces in between web based application and the end user and examines the request data from the user and replaces the request data with second device based data from the user, thereby providing secure data to the web server from two sources.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IE20140024A IE20140024A1 (en) | 2014-01-29 | 2014-01-29 | Web application protection system with transaction signing using near field communication (NFC) capable devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IE20140024A IE20140024A1 (en) | 2014-01-29 | 2014-01-29 | Web application protection system with transaction signing using near field communication (NFC) capable devices |
Publications (1)
Publication Number | Publication Date |
---|---|
IE20140024A1 (en) | 2015-07-29 |
Family
ID=53838239
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
IE20140024A IE20140024A1 (en) | 2014-01-29 | 2014-01-29 | Web application protection system with transaction signing using near field communication (NFC) capable devices |
Country Status (1)
Country | Link |
---|---|
IE (1) | IE20140024A1 (en) |
- 2014-01-29: IE application IE20140024A, patent/IE20140024A1/en, not active (Application Discontinuation)
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FC9A | Application refused sect. 31(1) |